From: Luke Kenneth Casson Leighton <lkcl@lkcl.net>
To: SE-Linux <selinux@tycho.nsa.gov>, debian-dpkg@lists.debian.org
Cc: scott@netsplit.com
Subject: Re: dpkg and selinux
Date: Wed, 1 Sep 2004 18:47:18 +0100
Message-ID: <20040901174718.GE4400@lkcl.net>
In-Reply-To: <20040901101921.GC5882@lkcl.net>
a summary follows of the discussions of dpkg between scott and myself
(my thanks to scott for taking the time to read what i wrote yesterday,
and for responding).
- dpkg needs in some way to set up the selinux file contexts of each
and every file, directory, symlink and inode of a package it installs.
if it does not do this, the default permissions are likely to be
incorrect, such that the program is highly unlikely to work.
- russell's "postinst.d" patch is _one_ way to achieve this desired
result: after files are unpacked, the list of files / directories
of the package is taken and the selinux contexts are set on all
those files and directories.
- dpkg "postinst" scripts, or more likely the /etc/init.d/* startup
scripts MAY, in some unlikely cases, need to be modified to set
permissions on files, directories or symlinks that they create
INSIDE the "postinst" script or INSIDE their /etc/init.d/XXXX
script.
such modifications have, to date, been found to be extremely rare.
one recent example is, however, /etc/init.d/xfs which creates
the directory /tmp/.font-unix and it is necessary to use
restorecon to reset the permissions correctly on that directory.
- the proposed dpkg "trigger" system which scott kindly explained is
an optimisation of the number of times that things like
scrollkeeper-update, ldconfig, update-menus etc are called by
package postinst scripts, to reduce these down to the absolute
minimum [zero or one, at the end of a dpkg run].
- the dpkg "trigger" design would have to be stretched in order to
fit selinux in, but should that be done, the resultant design
could then also deal with "updatedb / locate" and other things
that need to know what files a package has added or removed from
a debian system.
- russell's "postinst.d" system is sufficiently confusingly similar
to "triggers" such that it could end up being abused.
consequently, in short, it's probably best to patch dpkg's
"tarobject()" function to set the SE/Linux file permissions,
and to have those permissions preserved as the unpacked
archive is then moved into place.
l.
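The "postinst.d" approach summarised above (take the package's file list after unpacking, set the selinux contexts on every entry) written out as a shell hook. This is an added example, not code from the thread, from dpkg or from russell's patch; it assumes `dpkg -L`, `selinuxenabled` and `restorecon` (libselinux / policycoreutils) are on the PATH, and it also handles two cases the summary does not spell out: paths removed since install and dangling symlinks.

```sh
#!/bin/sh
# Added example of a postinst.d-style relabel hook (not code from the thread
# or from dpkg).  Assumes dpkg -L, selinuxenabled and restorecon are on PATH.
set -eu

# True only when the kernel is running with SELinux enabled; on a machine
# without a policy the hook must be a no-op rather than an error.
selinux_active() {
    command -v selinuxenabled >/dev/null 2>&1 && selinuxenabled
}

# Read paths on stdin, dropping blank lines and paths that no longer exist
# (e.g. a conffile the admin deleted).  A dangling symlink is still an
# inode that needs a label, so it is kept via -L even though -e fails.
filter_existing() {
    while IFS= read -r path; do
        [ -n "$path" ] || continue
        if [ -e "$path" ] || [ -L "$path" ]; then
            printf '%s\n' "$path"
        fi
    done
}

# Apply the policy's file contexts to each path read from stdin;
# -v reports every inode whose context was actually changed.
relabel_paths() {
    filter_existing | while IFS= read -r path; do
        restorecon -v "$path"
    done
}

# Relabel everything dpkg unpacked for one package: files, directories
# and symlinks alike, since dpkg -L lists all of them.
relabel_package() {
    pkg=$1
    selinux_active || return 0
    dpkg -L "$pkg" | relabel_paths
}
```

The same `relabel_paths` filter covers the /etc/init.d/xfs case from the summary: feeding it `/tmp/.font-unix` from the init script is equivalent to the restorecon call the author describes.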